Department of Homeland Security is warning that a group of mostly Middle East- and North Africa-based criminal hackers are preparing to launch a cyber attack campaign next week known as \u201cOpUSA\u201d against websites of high-profile US government agencies, financial institutions, and commercial entities. A confidential alert, produced by DHS on May 1 and obtained by KrebsOnSecurity, predicts that the attacks \u201clikely will result in limited disruptions and mostly consist of nuisance-level attacks against publicly accessible webpages and possibly data exploitation.<\/p>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
The DHS alert is in response to chest-thumping declarations from anonymous hackers who have promised to team up and launch a volley of online attacks against a range of U.S. targets beginning May 7.<\/p>\n
<\/p>\n
But Rodney Joffe, senior vice president at Sterling, Va. based security and intelligence firm Neustar, said all bets are off if the campaign is joined by the likes of the Izz ad-Din al-Qassam Cyber Fighters, a hacker group that has been disrupting consumer-facing Web sites for U.S. financial institutions since last fall. Joffe said it\u2019s easy to dismiss a hacker manifesto full of swear words and leetspeak as the ramblings of script kiddies and impressionable, wannabe hackers who are just begging for attention. \u201cThe damage they\u2019re capable of doing may be out of proportion with their skills, but that\u2019s been going on for seven months and it\u2019s been brutally damaging.\u201d<\/p>\n
<\/p>\n
What\u2019s more, the DHS warning comes just days after the FBI issued a flash alert on Brobot (PDF) warning that hackers have been modifying the attack scripts to ensure they can evade their targets\u2019 mitigation efforts. \u201cBecause the attacks have been ongoing for seven months, the actors are changing their attack methodology to circumvent mitigation efforts of the financial institutions,\u201d reads an FBI alert obtained by BankInfoSecurity.com. \u201cThe latest version of the \u2018Brobot\u2019 attack scripts that have been utilized to attack the login capabilities of a financial institution\u2019s website spoofs a fraudulent access cookie, user-agent string and referrer. The FBI alert notes that the hard-coded string does not affect the new attack script, but can be used as signatures for intrusion detection and intrusion prevention devices to detect and block attacks from the Brobot botnet.<\/p>\n